Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2022-21894 PoC — Microsoft Windows Secure Boot 安全特征问题漏洞

Source
https://github.com/bakedmuffinman/BlackLotusDetection
Associated Vulnerability
Title:Microsoft Windows Secure Boot 安全特征问题漏洞 (CVE-2022-21894)
Description:Microsoft Windows Secure Boot是美国微软(Microsoft)公司的安全启动。 Microsoft Windows Secure Boot存在安全特征问题漏洞。以下产品和版本受到影响:Windows 10 Version 1809 for 32-bit Systems,Windows 10 Version 1809 for x64-based Systems,Windows 10 Version 1809 for ARM64-based Systems,Windows Serv
Description
Created to help detect IOCs for CVE-2022-21894: The BlackLotus campaign
Readme
# BlackLotusDetection
Created to help detect IOCs for CVE-2022-21894: The BlackLotus campaign

https://www.microsoft.com/en-us/security/blog/2023/04/11/guidance-for-investigating-attacks-using-cve-2022-21894-the-blacklotus-campaign/


This creates an output txt file in the c:\temp folder.
File Snapshot

 [4.0K]  /data/pocs/640cd85c0426c375480ed025fe8cf861160570bf
├── [2.5K]  PTG.ps1
└── [ 291]  README.md

0 directories, 2 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.